EU online banking increasingly hit by cyber attacks

The number of cyber attacks targeting online banking in the EU in the past year has increased dramatically compared to 2010, Microsoft said on Thursday (31 May).

Tim Rains, director of Microsoft's "trustworthy" computing division, said the Netherlands and Germany are under constant attack from an online banking trojan called EyeStye. "It is now one of the number one threats," said Rains.

Why join?

Already a member?

The parasite is able to bypass anti-virus software and lurk undetected for long periods. The malicious programme, once downloaded and launched, attempts to steal sensitive data and send it to an attacker.

The number of infections in the past year in the Netherlands is "through the roof," said Rains.

Germany has had more online bank infections than any other country in the world and registered a 30 percent increase in the second half of 2011 alone.

Speaking at a conference in Brussels on cyber security and digital crimes organised by Microsoft, Rains said the trojan "socially engineers" its victims by luring them through innocuous-looking prompts to change security settings.

Another trojan variant called Zbot has also been on the scene since 2007.

Purposely built to steal financial information from infected computers, the parasite is spreading quickly.

Zbot is found most frequently in Spain, where one out of every 100 Microsoft Windows operated computers in 2010 was infected. Stealing log-in credentials and website certificates for online banking are among its specialities.

Romania consistently ranks as the member state in the EU with the most infected computers.

"Infection rates in the country make it the highest infected member state in the EU," said Rains.

Around 15 percent of computers in Romania are infected with viruses. And over 11 percent have worms, a self-propagating program that can automatically distribute itself from one computer to another.

Meanwhile, the top four EU countries with the most malware infections detected by Microsoft in the second half of 2011 are France, Germany, the UK and Italy. In France, the company detected nearly 2 million infections, followed by Germany with just under 2 million, the UK with 1.5 million and Italy with around 1.3 million.

The United States, in comparison, had over 10 million detections in the second half of 2011. Norway, Denmark and Finland have the lowest number of detections in the EU with less than three computers out of 1,000 infected.

The European Commission, for its part, said it will adopt a draft proposal on Monday for a regulation on electronic identification in the internal market - an EU first.

The regulation would, among other things, require member states to recognise and accept "notified" electronic identifications of other member states for access to cross-border public services.

Member states, however, would not be obligated to introduce electronic identification, said the Commission.

Meanwhile, the commission is also pushing to get a cyber security strategy together before the end of the year.

EU home affairs commissioner Cecilia Malmstrom, also at the event, said the strategy would aim to improve critical infrastructure defences and the manner in which sensitive information is shared.

"It is time now for the EU to set up a strategy on how to fight cyber crime," she said.

, your membership gives you access to all of our stories. We highly appreciate your support and value your feedback. If you have any thoughts on this story, we would love to hear it.

German media outlet Correctiv, along with other newsrooms, have revealed how criminals annually cheat EU states out of billions in VAT fraud. The EU Commission says solutions exist - but member states refuse to budge on tax unanimity.